Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/PADzuzuq4wav_UTTw6CZ1AMfN1k.roa
File: PADzuzuq4wav_UTTw6CZ1AMfN1k.roa (raw, json)
Hash identifier: p8v9vu2Kygtnl2ionVEC+I6w1ZpcEtuWSpvSZ20WeTo=
Subject key identifier: 3C:00:F3:BB:3B:AA:E3:06:AF:FD:44:D3:C3:A0:99:D4:03:1F:37:59
Certificate issuer: /CN=d26a4409ea91f506d633871c6c35540d460337d1
Certificate serial: 018E4140BB3FF195C5CF1225D1888E8C287B
Authority key identifier: D2:6A:44:09:EA:91:F5:06:D6:33:87:1C:6C:35:54:0D:46:03:37:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mpECeqR9QbWM4ccbDVUDUYDN9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/PADzuzuq4wav_UTTw6CZ1AMfN1k.roa
Signing time: Fri 15 Mar 2024 08:35:44 +0000
ROA not before: Fri 15 Mar 2024 08:35:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198885
IP address blocks: 5.61.200.0/24 maxlen: 24
5.61.201.0/24 maxlen: 24
5.61.202.0/24 maxlen: 24
5.61.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Mar 2024 08:32:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:41:40:bb:3f:f1:95:c5:cf:12:25:d1:88:8e:8c:28:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d26a4409ea91f506d633871c6c35540d460337d1
Validity
Not Before: Mar 15 08:35:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c00f3bb3baae306affd44d3c3a099d4031f3759
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:dd:02:a2:18:f0:c8:85:33:8c:2b:b7:a2:1b:
2a:65:61:32:e2:4c:7d:c1:39:fd:05:44:60:51:53:
23:28:39:83:22:b8:d6:36:bc:e2:f9:77:4f:2b:f8:
de:11:95:34:c5:05:32:5a:f5:96:dd:35:23:53:34:
e8:e5:28:55:35:e1:9b:92:a3:f3:f0:a6:24:91:5f:
bb:d4:76:31:fd:6f:b1:58:35:05:9c:95:d4:74:24:
fa:9a:81:25:cd:70:21:7f:31:95:d7:94:38:30:6e:
cf:0e:4f:6b:f8:b1:d9:82:ba:fc:55:4e:78:8a:1c:
4b:11:82:6e:80:ee:b9:db:bd:28:4f:ad:e0:60:58:
bc:35:82:45:f6:e2:56:9d:b6:87:9a:ad:34:bc:a6:
9f:80:b1:40:02:68:97:62:4f:3f:b3:42:e6:16:59:
15:09:88:e6:31:f9:6c:7b:af:72:d5:1f:fe:b2:e7:
93:b8:67:0e:74:5e:e5:6f:d8:25:35:0d:fa:c5:45:
ff:7a:c7:8b:58:2a:c1:c5:6d:bf:40:03:2e:ab:d6:
22:24:33:2a:dd:d8:1c:83:a5:76:ce:bb:13:40:06:
99:c0:a1:d7:b8:48:35:1b:84:03:c7:89:66:eb:fd:
94:e2:da:dd:80:5a:de:99:15:b0:2a:98:1b:45:75:
e4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:00:F3:BB:3B:AA:E3:06:AF:FD:44:D3:C3:A0:99:D4:03:1F:37:59
X509v3 Authority Key Identifier:
keyid:D2:6A:44:09:EA:91:F5:06:D6:33:87:1C:6C:35:54:0D:46:03:37:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mpECeqR9QbWM4ccbDVUDUYDN9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/PADzuzuq4wav_UTTw6CZ1AMfN1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/0mpECeqR9QbWM4ccbDVUDUYDN9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.200.0/22
Signature Algorithm: sha256WithRSAEncryption
39:8a:98:16:eb:a5:fb:87:5d:36:5c:e0:86:af:2e:7d:05:97:
21:f4:1e:23:59:25:3b:37:7d:37:b1:31:98:d5:f4:30:1a:99:
98:83:02:ad:25:97:e2:b7:6e:1d:64:4a:5e:23:35:cb:d4:eb:
28:31:5c:f6:bd:55:fa:dc:56:03:a9:50:fb:cd:53:f5:ce:5c:
86:98:e3:ed:b4:cf:a2:a5:de:4b:74:4d:31:02:d6:05:00:b6:
d0:e0:f5:42:2b:13:61:08:44:00:f4:d0:45:19:5b:7f:28:60:
b5:23:70:eb:95:8d:a7:2f:58:92:31:71:90:c9:5d:2e:1f:17:
c1:02:fe:fa:22:9c:86:df:12:f2:18:97:a6:2c:e9:53:33:c5:
aa:0a:82:f5:a7:65:6d:86:3b:32:6c:0d:9c:a1:84:84:4b:55:
a9:bd:b2:76:f6:c0:37:a7:26:ec:38:5f:a5:9f:9e:c8:15:fb:
1a:15:2a:0c:de:bf:6c:45:37:dc:4f:ac:a2:32:cd:05:b1:a7:
97:2f:e3:a9:6c:ac:3d:e4:70:ab:a0:cf:62:40:38:64:bc:7d:
71:2b:29:0f:cf:43:ac:a5:4c:53:e2:c6:8e:ff:07:28:c2:28:
13:ef:d8:11:3e:66:44:3d:03:dc:0f:da:11:e3:18:a6:44:89:
f8:5f:d5:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5BQLs/8ZXFzxIl0YiOjCh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNmE0NDA5ZWE5MWY1MDZkNjMzODcxYzZjMzU1NDBkNDYw
MzM3ZDEwHhcNMjQwMzE1MDgzNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzAwZjNiYjNiYWFlMzA2YWZmZDQ0ZDNjM2EwOTlkNDAzMWYzNzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnt0CohjwyIUzjCu3ohsqZWEy4kx9
wTn9BURgUVMjKDmDIrjWNrzi+XdPK/jeEZU0xQUyWvWW3TUjUzTo5ShVNeGbkqPz
8KYkkV+71HYx/W+xWDUFnJXUdCT6moElzXAhfzGV15Q4MG7PDk9r+LHZgrr8VU54
ihxLEYJugO65270oT63gYFi8NYJF9uJWnbaHmq00vKafgLFAAmiXYk8/s0LmFlkV
CYjmMflse69y1R/+sueTuGcOdF7lb9glNQ36xUX/eseLWCrBxW2/QAMuq9YiJDMq
3dgcg6V2zrsTQAaZwKHXuEg1G4QDx4lm6/2U4trdgFremRWwKpgbRXXk/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDwA87s7quMGr/1E08OgmdQDHzdZMB8GA1UdIwQY
MBaAFNJqRAnqkfUG1jOHHGw1VA1GAzfRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG1wRUNlcVI5UWJXTTRjY2JEVlVEVVlETjlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mNDEwNTEtMDgxMC00M2ZmLWIxOTYt
Y2ZlZmRmZGZiZTZiLzEvUEFEenV6dXE0d2F2X1VUVHc2Q1oxQU1mTjFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9mNDEwNTEtMDgxMC00M2ZmLWIxOTYtY2ZlZmRmZGZiZTZi
LzEvMG1wRUNlcVI5UWJXTTRjY2JEVlVEVVlETjlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCBT3IMA0G
CSqGSIb3DQEBCwUAA4IBAQA5ipgW66X7h102XOCGry59BZch9B4jWSU7N303sTGY
1fQwGpmYgwKtJZfit24dZEpeIzXL1OsoMVz2vVX63FYDqVD7zVP1zlyGmOPttM+i
pd5LdE0xAtYFALbQ4PVCKxNhCEQA9NBFGVt/KGC1I3DrlY2nL1iSMXGQyV0uHxfB
Av76IpyG3xLyGJemLOlTM8WqCoL1p2VthjsybA2coYSES1WpvbJ29sA3pybsOF+l
n57IFfsaFSoM3r9sRTfcT6yiMs0FsaeXL+OpbKw95HCroM9iQDhkvH1xKykPz0Os
pUxT4saO/wcowigT79gRPmZEPQPcD9oR4ximRIn4X9Up
-----END CERTIFICATE-----
Generated at Mon Mar 18 11:46:52 2024 by rpki-client on console-ams.rpki-client.org